As I read the Mozilla LDAP C SDK Programmer's Guide at: http://www.mozilla.org/directory/csdk-docs/ssl.htm#how_ssl_works_with_ldap, It says: "The Mozilla LDAP C SDK only supports SSL 3.0 and does not support the Start Transport Layer Security (TLS) Operation."
Does it means the current ldap c-sdk not supporting TLSv1? If it is the case, is there any milestone to support TLSv1? Thanks a lot for your reply. On Feb 17, 3:52 pm, huican <[email protected]> wrote: > On Feb 17, 2:12 pm, huican <[email protected]> wrote: > > > > > Hello, > > > A dummy question.. > > > Can I force the openldap to use the TLSv1 when doing SSL connection? > > > I tried to add the line such as: TLSCipherSuite TLSv1+RSA in > > slapd.conf (and also tried to add it on ldap.conf for ldapsearch), but > > it doesn't take effect, and it seems always use the SSLv3? > > > .... > > TLS trace: SSL_accept:SSLv3 read client hello A > > TLS trace: SSL_accept:SSLv3 write server hello A > > TLS trace: SSL_accept:SSLv3 write certificate A > > TLS trace: SSL_accept:SSLv3 write server done A > > > Anywhere else I should config it? > > I am using openldap 2.2.5, probably it is a little bit out-of-dated. _______________________________________________ dev-tech-ldap mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-ldap
